﻿using DAL;
using Model;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

namespace Web.App_Start
{
    public class MyAuthAttribute: AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            //用户名
            string userName = filterContext.HttpContext.User.Identity.Name;
            //控制器
            string contollerName = filterContext.RouteData.Values["Controller"].ToString();
            //动作方法
            string actionName = filterContext.RouteData.Values["Action"].ToString();

            //去数据库中判断用户是否有权限

            List<V_UserModuleMessage> list =  V_UserModuleService.GetV_UserModuleMessage(userName);

            List<V_UserModuleMessage> relist = list.Where(p=>p.ControllerName==contollerName&&p.ActionName==actionName).ToList();

            if (relist.Count<=0 && ModuleService.GetModule( contollerName, actionName)!=null)
            {
                filterContext.Result = new RedirectResult("/Back/Login/Login");
            }

        }
    }
}